diff --git a/content/actions/using-github-hosted-runners/about-github-hosted-runners.md b/content/actions/using-github-hosted-runners/about-github-hosted-runners.md index 16defd8a7e..d47babe64e 100644 --- a/content/actions/using-github-hosted-runners/about-github-hosted-runners.md +++ b/content/actions/using-github-hosted-runners/about-github-hosted-runners.md @@ -90,7 +90,7 @@ While the job runs, the logs and output can be viewed in the {% data variables.p {% note %} -**Note**: {% data variables.product.prodname_dotcom %} also offers {% data variables.actions.hosted_runner %}s, which are available in larger configurations. For more information, see "[Using {% data variables.actions.hosted_runner %}s](/actions/using-github-hosted-runners/using-larger-runners)." +**Note**: {% data variables.product.prodname_dotcom %} also offers {% data variables.actions.hosted_runner %}s, which are available in larger configurations. For more information, see "[Machine specs for {% data variables.actions.hosted_runner %}s](/actions/using-github-hosted-runners/using-larger-runners#machine-specs-for-larger-runners)." {% endnote %} {% endif %} diff --git a/content/actions/using-github-hosted-runners/using-larger-runners.md b/content/actions/using-github-hosted-runners/using-larger-runners.md index e3251b78a6..d4f33140a6 100644 --- a/content/actions/using-github-hosted-runners/using-larger-runners.md +++ b/content/actions/using-github-hosted-runners/using-larger-runners.md @@ -14,6 +14,16 @@ In addition to the [standard {% data variables.product.prodname_dotcom %}-hosted When you add a {% data variables.actions.hosted_runner %} to an organization, you are defining a type of machine from a selection of available hardware specifications and operating system images. {% data variables.product.prodname_dotcom %} will then create multiple instances of this runner that scale up and down to match the job demands of your organization, based on the autoscaling limits you define. +## Machine specs for {% data variables.actions.hosted_runner %}s + +|Size (vcpu) | Memory (GB) | Storage (SSD) | +| ------------- | ------------- | ------------- | +|4 cores | 16 RAM | 150 GB| +| 8 cores | 32 RAM | 300 GB | +|16 cores| 64 RAM | 600 GB | +|32 cores| 128 RAM| 1200 GB| +|64 cores| 256 RAM | 2040 GB| + ## Architectural overview of {% data variables.actions.hosted_runner %}s The {% data variables.actions.hosted_runner %}s are managed at the organization level, where they are arranged into groups that can contain multiple instances of the runner. They can also be created at the enterprise level and shared with organizations in the hierarchy. Once you've created a group, you can then add a runner to the group and update your workflows to target the label assigned to the {% data variables.actions.hosted_runner %}. You can also control which repositories are permitted to send jobs to the group for processing. For more information about groups, see "[Controlling access to {% data variables.actions.hosted_runner %}s](/actions/using-github-hosted-runners/controlling-access-to-larger-runners)." diff --git a/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md b/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md index 69bad348ac..90a11171f2 100644 --- a/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md +++ b/content/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/about-enterprise-managed-users.md @@ -71,6 +71,7 @@ To use {% data variables.product.prodname_emus %}, you need a separate type of e * {% data variables.enterprise.prodname_managed_users_caps %} and the content they create is only visible to other members of the enterprise. * {% data variables.enterprise.prodname_managed_users_caps %} cannot follow users outside of the enterprise. * {% data variables.enterprise.prodname_managed_users_caps %} cannot create gists or comment on gists. +* {% data variables.enterprise.prodname_managed_users_caps %} cannot create starter workflows for {% data variables.product.prodname_actions %}. * {% data variables.enterprise.prodname_managed_users_caps %} cannot install {% data variables.product.prodname_github_apps %} on their user accounts. * Other {% data variables.product.prodname_dotcom %} users cannot see, mention, or invite a {% data variables.enterprise.prodname_managed_user %} to collaborate. * You can choose whether {% data variables.enterprise.prodname_managed_users %} are able to create repositories owned by their user accounts. For more information, see "[Enforcing repository management policies in your enterprise](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-repository-management-policies-in-your-enterprise#enforcing-a-policy-for-repository-creation)." diff --git a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md index 8afddcebee..863a314cec 100644 --- a/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md +++ b/content/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise.md @@ -159,6 +159,32 @@ The scope of the events that appear in your enterprise's audit log depend on whe | `business.update_saml_provider_settings` | The SAML single sign-on provider settings for an enterprise were updated. {%- endif %} +{% ifversion code-security-audit-log-events %} + +## `business_advanced_security` category actions + +| Action | Description +|--------|------------- +| `business_advanced_security.disabled` | {% data variables.product.prodname_GH_advanced_security %} was disabled for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_advanced_security.enabled` | {% data variables.product.prodname_GH_advanced_security %} was enabled for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_advanced_security.disabled_for_new_repos` | {% data variables.product.prodname_GH_advanced_security %} was disabled for new repositories in your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_advanced_security.enabled_for_new_repos` | {% data variables.product.prodname_GH_advanced_security %} was enabled for new repositories in your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." + +{% endif %} + +{% ifversion code-security-audit-log-events %} + +## `business_secret_scanning` category actions + +| Action | Description +|--------|------------- +| `business_secret_scanning.disable` | {% data variables.product.prodname_secret_scanning_caps %} was disabled for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning.enable` | {% data variables.product.prodname_secret_scanning_caps %} was enabled for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning.disabled_for_new_repos` | {% data variables.product.prodname_secret_scanning_caps %} was disabled for new repositories in your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning.enabled_for_new_repos` | {% data variables.product.prodname_secret_scanning_caps %} was enabled for new repositories in your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." + +{% endif %} + {%- ifversion secret-scanning-audit-log-custom-patterns %} ## `business_secret_scanning_custom_pattern` category actions @@ -169,6 +195,31 @@ Action | Description | `business_secret_scanning_custom_pattern.update` | Changes to an enterprise-level custom pattern are saved for secret scanning. {%- endif %} +{% ifversion code-security-audit-log-events %} + +## `business_secret_scanning_push_protection` category actions + +| Action | Description +|--------|------------- +| `business_secret_scanning_push_protection.disable` | Push protection for {% data variables.product.prodname_secret_scanning %} was disabled for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning_push_protection.enable` | Push protection for {% data variables.product.prodname_secret_scanning %} was enabled for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning_push_protection.disabled_for_new_repos` | Push protection for {% data variables.product.prodname_secret_scanning %} was disabled for new repositories in your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning_push_protection.enabled_for_new_repos` | Push protection for {% data variables.product.prodname_secret_scanning %} was enabled for new repositories in your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." + +{% endif %} + +{% ifversion code-security-audit-log-events %} + +## `business_secret_scanning_push_protection_custom_message` category actions + +| Action | Description +|--------|------------- +| `business_secret_scanning_push_protection_custom_message.disable` | The custom message triggered by an attempted push to a push-protected repository was disabled for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning_push_protection_custom_message.enable` | The custom message triggered by an attempted push to a push-protected repository was enabled for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning_push_protection_custom_message.update` | The custom message triggered by an attempted push to a push-protected repository was updated for your enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." + +{% endif %} + ## `checks` category actions | Action | Description @@ -436,7 +487,7 @@ Before you'll see `git` category actions, you must enable Git events in the audi | `integration.revoke_all_tokens` | All user tokens for an integration were requested to be revoked. | `integration.revoke_tokens` | Token(s) for an integration were revoked. -## `integration_installation`category actions +## `integration_installation` category actions | Action | Description |--------|------------- @@ -717,6 +768,11 @@ Before you'll see `git` category actions, you must enable Git events in the audi {%- ifversion fpt or ghec %} | `org.runner_group_visiblity_updated` | The visibility of a self-hosted runner group was updated via the REST API. For more information, see "[Update a self-hosted runner group for an organization](/rest/reference/actions#update-a-self-hosted-runner-group-for-an-organization)." {%- endif %} +{%- ifversion code-security-audit-log-events %} +| `org.secret_scanning_push_protection_custom_message_disabled` | The custom message triggered by an attempted push to a push-protected repository was disabled for your organization. For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization)." +| `org.secret_scanning_push_protection_custom_message_enabled` | The custom message triggered by an attempted push to a push-protected repository was enabled for your organization. For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization)." +| `org.secret_scanning_push_protection_custom_message_updated` | The custom message triggered by an attempted push to a push-protected repository was updated for your organization. For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization)." +{%- endif %} {%- ifversion secret-scanning-audit-log-custom-patterns %} | `org.secret_scanning_push_protection_disable` | An organization owner or administrator disabled push protection for secret scanning. For more information, see "[Protecting pushes with secret scanning](/enterprise-cloud@latest/code-security/secret-scanning/protecting-pushes-with-secret-scanning)." | `org.secret_scanning_push_protection_enable` | An organization owner or administrator enabled push protection for secret scanning. diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md index e7ea77a399..1bdf328430 100644 --- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md +++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/reviewing-the-audit-log-for-your-organization.md @@ -64,7 +64,7 @@ To search for specific events, use the `action` qualifier in your query. Actions | [`org`](#org-category-actions) | Contains activities related to organization membership.{% ifversion ghec %} | [`org_credential_authorization`](#org_credential_authorization-category-actions) | Contains all activities related to authorizing credentials for use with SAML single sign-on.{% endif %}{% ifversion secret-scanning-audit-log-custom-patterns %} | [`org_secret_scanning_custom_pattern`](#org_secret_scanning_custom_pattern-category-actions) | Contains organization-level activities related to secret scanning custom patterns. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)." {% endif %} -| [`organization_label`](#organization_label-category-actions) | Contains all activities related to default labels for repositories in your organization. +| [`organization_default_label`](#organization_default_label-category-actions) | Contains all activities related to default labels for repositories in your organization. | [`oauth_application`](#oauth_application-category-actions) | Contains all activities related to OAuth Apps. | [`packages`](#packages-category-actions) | Contains all activities related to {% data variables.product.prodname_registry %}.{% ifversion fpt or ghec %} | [`payment_method`](#payment_method-category-actions) | Contains all activities related to how your organization pays for GitHub.{% endif %} @@ -455,6 +455,16 @@ For more information, see "[Managing the publication of {% data variables.produc {% endif %} +### `oauth_application` category actions + +| Action | Description +|------------------|------------------- +| `create` | Triggered when a new {% data variables.product.prodname_oauth_app %} is created. +| `destroy` | Triggered when an existing {% data variables.product.prodname_oauth_app %} is deleted. +| `reset_secret` | Triggered when an {% data variables.product.prodname_oauth_app %}'s client secret is reset. +| `revoke_tokens` | Triggered when an {% data variables.product.prodname_oauth_app %}'s user tokens are revoked. +| `transfer` | Triggered when an existing {% data variables.product.prodname_oauth_app %} is transferred to a new organization. + ### `org` category actions | Action | Description @@ -491,9 +501,15 @@ For more information, see "[Managing the publication of {% data variables.produc | `runner_group_updated` | Triggered when the configuration of a self-hosted runner group is changed. For more information, see "[Changing the access policy of a self-hosted runner group](/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups#changing-the-access-policy-of-a-self-hosted-runner-group)." | `runner_group_runners_added` | Triggered when a self-hosted runner is added to a group. For more information, see [Moving a self-hosted runner to a group](/actions/hosting-your-own-runners/managing-access-to-self-hosted-runners-using-groups#moving-a-self-hosted-runner-to-a-group). | `runner_group_runner_removed` | Triggered when the REST API is used to remove a self-hosted runner from a group. For more information, see "[Remove a self-hosted runner from a group for an organization](/rest/reference/actions#remove-a-self-hosted-runner-from-a-group-for-an-organization)." -| `runner_group_runners_updated`| Triggered when a runner group's list of members is updated. For more information, see "[Set self-hosted runners in a group for an organization](/rest/reference/actions#set-self-hosted-runners-in-a-group-for-an-organization)."{% ifversion secret-scanning-audit-log-custom-patterns %} +| `runner_group_runners_updated`| Triggered when a runner group's list of members is updated. For more information, see "[Set self-hosted runners in a group for an organization](/rest/reference/actions#set-self-hosted-runners-in-a-group-for-an-organization)." +{%- ifversion code-security-audit-log-events %} +| `secret_scanning_push_protection_custom_message_disabled` | Triggered when an organization owner or admin disables the custom message triggered by an attempted push to a push-protected repository. For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization)." +| `secret_scanning_push_protection_custom_message_enabled` | Triggered when an organization owner or admin enables the custom message triggered by an attempted push to a push-protected repository. For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization)." +| `secret_scanning_push_protection_custom_message_updated` | Triggered when an organization owner or admin updates the custom message triggered by an attempted push to a push-protected repository. For more information, see "[Protecting pushes with {% data variables.product.prodname_secret_scanning %}](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#enabling-secret-scanning-as-a-push-protection-for-an-organization)." +{%- endif %} +{%- ifversion secret-scanning-audit-log-custom-patterns %} | `secret_scanning_push_protection_disable ` | Triggered when an organization owner or person with admin access to the organization disables push protection for secret scanning. For more information, see "[Protecting pushes with secret scanning](/enterprise-cloud@latest/code-security/secret-scanning/protecting-pushes-with-secret-scanning)." -| `secret_scanning_push_protection_enable ` | Triggered when an organization owner or person with admin access to the organization enables push protection for secret scanning.{% endif %} +| `secret_scanning_push_protection_enable ` | Triggered when an organization owner or person with admin access to the organization enables push protection for {% data variables.product.prodname_secret_scanning %}.{%- endif %} | `self_hosted_runner_online` | Triggered when the runner application is started. Can only be viewed using the REST API; not visible in the UI or JSON/CSV export. For more information, see "[Checking the status of a self-hosted runner](/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner)." | `self_hosted_runner_offline` | Triggered when the runner application is stopped. Can only be viewed using the REST API; not visible in the UI or JSON/CSV export. For more information, see "[Checking the status of a self-hosted runner](/actions/hosting-your-own-runners/monitoring-and-troubleshooting-self-hosted-runners#checking-the-status-of-a-self-hosted-runner)."{% ifversion fpt or ghes or ghec %} | `self_hosted_runner_updated` | Triggered when the runner application is updated. Can be viewed using the REST API and the UI; not visible in the JSON/CSV export. For more information, see "[About self-hosted runners](/actions/hosting-your-own-runners/about-self-hosted-runners#about-self-hosted-runners)."{% endif %}{% ifversion fpt or ghec %} @@ -529,7 +545,7 @@ For more information, see "[Managing the publication of {% data variables.produc | `delete` | Triggered when a custom pattern is removed from secret scanning in an organization. For more information, see "[Defining custom patterns for secret scanning](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#removing-a-custom-pattern)." {% endif %} -### `organization_label` category actions +### `organization_default_label` category actions | Action | Description |------------------|------------------- @@ -537,16 +553,6 @@ For more information, see "[Managing the publication of {% data variables.produc | `update` | Triggered when a default label is edited. | `destroy` | Triggered when a default label is deleted. -### `oauth_application` category actions - -| Action | Description -|------------------|------------------- -| `create` | Triggered when a new {% data variables.product.prodname_oauth_app %} is created. -| `destroy` | Triggered when an existing {% data variables.product.prodname_oauth_app %} is deleted. -| `reset_secret` | Triggered when an {% data variables.product.prodname_oauth_app %}'s client secret is reset. -| `revoke_tokens` | Triggered when an {% data variables.product.prodname_oauth_app %}'s user tokens are revoked. -| `transfer` | Triggered when an existing {% data variables.product.prodname_oauth_app %} is transferred to a new organization. - ### `packages` category actions | Action | Description | diff --git a/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md b/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md index ace61dda57..6df64f63d2 100644 --- a/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md +++ b/content/site-policy/acceptable-use-policies/github-acceptable-use-policies.md @@ -67,7 +67,7 @@ We do not allow content or activity on GitHub that is: We do not allow content or activity on GitHub that: - directly supports [unlawful active attack or malware campaigns](/github/site-policy/github-active-malware-or-exploits) that are causing technical harms — such as using our platform to deliver malicious executables or as attack infrastructure, for example by organizing denial of service attacks or managing command and control servers — with no implicit or explicit dual-use purpose prior to the abuse occurring; or -- uses our servers to disrupt or to attempt to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network. Please note, activities permitted under bug bounty programs, such as the [GitHub Bug Bounty program](https://bounty.github.com), are not considered “unauthorized.” +- uses our servers to disrupt or to attempt to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network. Please note, activities permitted under bug bounty programs, such as the [GitHub Bug Bounty program](https://bounty.github.com), are not considered “unauthorized,” but must only affect the organization whose bug bounty program authorized the activity. ## 6. Services Usage Limits diff --git a/data/features/code-security-audit-log-events.yml b/data/features/code-security-audit-log-events.yml new file mode 100644 index 0000000000..70c216ad00 --- /dev/null +++ b/data/features/code-security-audit-log-events.yml @@ -0,0 +1,4 @@ +versions: + ghec: '*' + ghes: '>3.7' + ghae: '>3.7' diff --git a/data/reusables/audit_log/audit-log-action-categories.md b/data/reusables/audit_log/audit-log-action-categories.md index 50e40c031d..a135b85355 100644 --- a/data/reusables/audit_log/audit-log-action-categories.md +++ b/data/reusables/audit_log/audit-log-action-categories.md @@ -14,11 +14,16 @@ {%- ifversion ghec or ghes or ghae %} | `business` | Contains activities related to business settings for an enterprise. {%- endif %} -{%- ifversion ghec or ghes or ghae %} -| `business` | Contains activities related to business settings for an enterprise. +{%- ifversion code-security-audit-log-events %} +| `business_advanced_security` | Contains activities related to {% data variables.product.prodname_GH_advanced_security %} in an enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning` | Contains activities related to {% data variables.product.prodname_secret_scanning %} in an enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." {%- endif %} {%- ifversion secret-scanning-audit-log-custom-patterns %} -| `business_secret_scanning_custom_pattern` | Contains activities related to custom patterns for secret scanning in an enterprise. +| `business_secret_scanning_custom_pattern` | Contains activities related to custom patterns for {% data variables.product.prodname_secret_scanning %} in an enterprise. +{%- endif %} +{%- ifversion code-security-audit-log-events %} +| `business_secret_scanning_push_protection` | Contains activities related to the push protection feature of {% data variables.product.prodname_secret_scanning %} in an enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." +| `business_secret_scanning_push_protection_custom_message` | Contains activities related to the custom message displayed when push protection is triggered in an enterprise. For more information, see "[Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)." {%- endif %} | `checks` | Contains activities related to check suites and runs. {%- ifversion fpt or ghec %} diff --git a/tests/rendering/robots-txt.js b/tests/rendering/robots-txt.js index b51688901b..a742fcd77f 100644 --- a/tests/rendering/robots-txt.js +++ b/tests/rendering/robots-txt.js @@ -1,6 +1,6 @@ import robotsParser from 'robots-parser' import { get } from '../helpers/e2etest.js' -import { jest } from '@jest/globals' +import { expect, jest } from '@jest/globals' describe('robots.txt', () => { jest.setTimeout(5 * 60 * 1000) @@ -12,6 +12,7 @@ describe('robots.txt', () => { Host: 'docs.github.com', }, }) + expect(res.statusCode).toBe(200) robots = robotsParser('https://docs.github.com/robots.txt', res.text) }) diff --git a/tests/rendering/server.js b/tests/rendering/server.js index ffb2c7882d..646b7315bf 100644 --- a/tests/rendering/server.js +++ b/tests/rendering/server.js @@ -23,7 +23,8 @@ describe('server', () => { // The first page load takes a long time so let's get it out of the way in // advance to call out that problem specifically rather than misleadingly // attributing it to the first test - await get('/en') + const res = await get('/en') + expect(res.statusCode).toBe(200) }) test('supports HEAD requests', async () => { @@ -113,6 +114,7 @@ describe('server', () => { test('sets Content Security Policy (CSP) headers', async () => { const res = await get('/en') + expect(res.statusCode).toBe(200) expect('content-security-policy' in res.headers).toBe(true) const csp = new CspParse(res.headers['content-security-policy']) @@ -134,6 +136,7 @@ describe('server', () => { test('sets Fastly cache control headers', async () => { const res = await get('/en') + expect(res.statusCode).toBe(200) expect(res.headers['cache-control']).toMatch(/public, max-age=/) expect(res.headers['surrogate-key']).toBe(SURROGATE_ENUMS.DEFAULT) }) @@ -231,6 +234,7 @@ describe('server', () => { test('serves /categories.json for support team usage', async () => { const res = await get('/categories.json') + expect(res.statusCode).toBe(200) // check for CORS header expect(res.headers['access-control-allow-origin']).toBe('*') @@ -611,6 +615,7 @@ describe('server', () => { test('redirects old articles to their slugified URL', async () => { const res = await get('/articles/about-github-s-ip-addresses') + expect(res.statusCode).toBe(302) expect(res.text).toBe( 'Found. Redirecting to /en/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses' ) @@ -878,12 +883,14 @@ describe('search', () => { describe('?json query param for context debugging', () => { it('uses query param value as a key', async () => { const res = await get('/en?json=page') + expect(res.statusCode).toBe(200) const page = JSON.parse(res.text) expect(typeof page.title).toBe('string') }) it('returns a helpful message with top-level keys if query param has no value', async () => { const res = await get('/en?json') + expect(res.statusCode).toBe(200) const context = JSON.parse(res.text) expect(context.message.includes('context object is too big to display')).toBe(true)